package com.shengqiang.cloud.ups.config.shiro;

import com.google.common.collect.Lists;
import com.google.common.collect.Sets;
import com.shengqiang.cloud.ups.dao.modal.UpmsPermission;
import com.shengqiang.cloud.ups.dao.modal.UpmsUser;
import com.shengqiang.cloud.ups.dao.repository.master.UpsUserMapper;
import org.apache.logging.log4j.util.Strings;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.Permission;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.List;
import java.util.Set;

/**
 * Created by Administrator on 2017/12/17.
 */
public class MyShiroRealm extends AuthorizingRealm {

    private static final Logger logger = LoggerFactory.getLogger(MyShiroRealm.class);

    @Autowired
    private UpsUserMapper userDao;

    /**
     * Apache Shiro 授权
     *
     * @param principalCollection
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        // 获取用户信息
        UpmsUser user = (UpmsUser) principalCollection.getPrimaryPrincipal();
        SimpleAuthorizationInfo authorizationInfo=new SimpleAuthorizationInfo();
        Set<String> permissions= Sets.newHashSet();
        //查询用户角色权限
        List<UpmsPermission> rolePermissions=userDao.selectUserRolePermissions(user.getId());
        //查询用户私有权限
        List<UpmsPermission> userPermissions=userDao.selectUserPermissions(user.getId());

        rolePermissions.forEach(permission->{
            if(Strings.isNotEmpty(permission.getPermission().trim())){
                permissions.add(permission.getPermission());
            }
        });

        userPermissions.forEach(permission->{
            if(Strings.isNotEmpty(permission.getPermission().trim())){
                permissions.add(permission.getPermission());
            }
        });

        authorizationInfo.addStringPermissions(permissions);
        return authorizationInfo;
    }

    /**
     * Apache Shiro 认证
     *
     * @param authenticationToken
     * @return
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {

        // 获取用户的输入的账号.
        String username = (String) authenticationToken.getPrincipal();
        UpmsUser user = userDao.queryUserByUserName(username);
        if (user == null) {
            return null;
        }

        SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(user, user.getPassword(), ByteSource.Util.bytes(user.getSalt()), "MyShiroRealm");
        return simpleAuthenticationInfo;
    }
}
